Thursday, April 23, 2009

Dreamweaver and md5

I started out my PHP programming years relying heavily on dreamweaver to do my database coding. At the beginning I was  restricted in my abilities to what dreamweaver was capable of doing, yet over the years  my abilities grew and I now only use it to do the repetitive grunt work.

One thing I could never figure out was how to create encrypted password security systems using dreamweaver and I just figured it out using md5 and it is a piece of cake. I am posting it because I could not find it on google and thought other people like me could be looking for the code. I am using Dreamweaver CS4 at this time, but I don’t think that will matter.

For this tutorial, simply use Dreamweaver to build your username/password insertion page and login page as normal and I will show what you need to modify to make it work.On to the code…

The code that inserts passwords into the database…..

$insertSQL = sprintf("INSERT INTO `admin` (admin_name, admin_pass, admin_level) VALUES (%s, %s, %s)",
                       GetSQLValueString($_POST['admin_name'], "text"),
                       GetSQLValueString(md5($_POST['admin_pass']), "text"),
                       GetSQLValueString($_POST['admin_level'], "int"));


As you can see, I simply inserted md5 with a new bracket around it…. That’s it, it is inserted into DB as md5


The Login page

if (isset($_POST['username'])) {
  $MM_fldUserAuthorization = "admin_level";
  $MM_redirectLoginSuccess = "login_good.php";
  $MM_redirectLoginFailed = "login_bad.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_mine, $mine);
  $LoginRS__query=sprintf("SELECT admin_name, admin_pass, admin_level FROM `admin` WHERE admin_name=%s AND admin_pass=%s",
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
  $LoginRS = mysql_query($LoginRS__query, $mine) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    $loginStrGroup  = mysql_result($LoginRS,0,'admin_level');
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;           

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];           
    header("Location: " . $MM_redirectLoginSuccess );
  else {
    header("Location: ". $MM_redirectLoginFailed );

this is a standard Dreamweaver generated login page, on this line   $password=$_POST['password']; , again I simply inserted  md5 and the bracket - $password=md5($_POST['password']);

Thats it, Dreamweaver and md5, piece of cake

Wednesday, April 22, 2009

Pagination Update

I found a bug in my pagination code, if I had an amount of results which was a multiple of the amount to display per page, i got an extra page link which had no results

So i am using the ceil function now instead on the round function, this fixes the problem

$amountofpages = ceil($totalRows_Recordset_paging / $number_per_page);

I also modified it to have a "selected" page state for the very first page.. this was done by adding.

$whichpage = $_GET['whichpage'];

full code below...
Also, im sorry but blogger wont let me write HTML code, so i used a very long way to display my link at the bottom

$id = $_GET['id']; // this is a variable unrelated to the paging, but used for the data display
$whichpage = $_GET['whichpage']; // this tells us which page we are on

// checking to see what page we are on and what results we should display
if(!$_GET['whichpage']) {
$thepage = 0; 
$thepage_final = 0;
} else {
$thepage = $_GET['whichpage'];
$thepage_final = $thepage - 1; 

$number_per_page = 6; // how many results we should display per page
$startnumber = $thepage_final * $number_per_page; // which number to start the new record display from

// recordset to display results
mysql_select_db($database_mine, $mine);
$query_Recordset_shoelist = "SELECT * FROM shoes WHERE shoes_cat = $id ORDER BY shoes_name ASC LIMIT $startnumber, $number_per_page";
$Recordset_shoelist = mysql_query($query_Recordset_shoelist, $mine) or die(mysql_error());
$totalRows_Recordset_shoelist = mysql_num_rows($Recordset_shoelist);

// recordset for paging
$query_Recordset_paging = "SELECT * FROM shoes WHERE shoes_cat = $id ORDER BY shoes_name ASC";
$Recordset_paging = mysql_query($query_Recordset_paging, $mine) or die(mysql_error());
$totalRows_Recordset_paging = mysql_num_rows($Recordset_paging);

// i round this up to have even amount of pages
$amountofpages = ceil($totalRows_Recordset_paging / $number_per_page);

// this is my display, inserted in the HTML wherever you want the page numbers to display 

$number_per_page) { ?>

// this is my display

$i = 1;
while ($i <= $amountofpages):

if($whichpage == $i) {
echo "" . $i. ""; 
} else {
echo "<" ' "a href=brand_list.php?id=" . $id . "&whichpage=" . $i . "&id2=" . $id2 . " class=pagelink>" . $i. "<" . "/" . "a>";